25.06.2025
2 min
692
Four members of one of the world’s most notorious cybercrime groups, REvil, were released straight from the courtroom despite being found guilty of fraud involving payment cards. A court in St. Petersburg counted their previous imprisonment as already served sentences.
The court found Andrey Bessonov, Mikhail Golovachuk, Roman Muromsky and Dmitry Korotaev guilty of using malicious software and trading in stolen payment card data, including from US citizens. They were each sentenced to five years in prison, but were immediately released, having spent almost all of that time behind bars in pre-trial detention since 2022.
REvil was one of the most active groups distributing demanding software until its destruction in 2021. It was REvil that was behind the attacks on Kaseya, Lady Gaga, Donald Trump, and thousands of companies around the world. Despite this, in Russia they were tried not for blackmail or cyberattacks, but only for card fraud.
This arrest in 2022 was an unexpected step by the Kremlin after the call of then US President Joe Biden to take action against hackers. However, within a few weeks, Russia launched a full-scale war against Ukraine, and the REvil case gradually disappeared from the radar.
Experts suggest that such groups are used by Russia for cyber-intelligence and attacks against the West under the guise of criminal status, which provides a plausible denial of state involvement. The release of REvil members after a formal conviction illustrates Russia’s contradictory stance on cybercrime: on the one hand, high-profile arrests under international pressure, on the other, a de facto amnesty with the likely continued use of these personnel in the interests of the state. While the world struggles to confront digital threats, cybercriminals are back in the game — legally or not.
